<?PHP
/**
 * LianPHP安全类库
 * 
 * @author 大春 lianwanchun@163.com
 * @version 0.1 
 * @copyright Copyright &copy; 2010 lian wan chun
 */

class Safe extends LianPhp {
	/**
	* 防注入
	*
	* @param string $str 过滤字符串
	* @return string
	*/
	public function safeSql($str){
		if (get_magic_quotes_gpc()) {
			$str = addslashes($str);
		}
		return $str;
	}

	/**
	 * 关闭全局变量
	 */
	public function unregisterGLOBALS() {
		if (!ini_get('register_globals')) return;
		if (isset($_REQUEST['GLOBALS']))die('GLOBALS overwrite attempt detected');
		$noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', 'table_prefix');
		$input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
		foreach ($input as $k => $v){
			if (!in_array($k, $noUnset) && isset($GLOBALS[$k])) {
				$GLOBALS[$k] = NULL;
				unset($GLOBALS[$k]);
			}
		}
	}

	/**
	 * 浏览器友好的变量输出
	 *
	 * @param  $var		//变量
	 * @param  $echo	//true 直接输出 flase 返回结果
	 * @param  $label	//层级空格
	 * @param  $strict
	 * @return unknown
	 */
	public function dump($var, $echo=true,$label=null)
	{
		$label = ($label===null) ? '' : rtrim($label) . ' ';
		ob_start();
		var_dump($var);
		$output = ob_get_clean();
		$output = preg_replace("/\]\=\>\n(\s+)/m", "] => ", $output);
		$output = '<pre>'. $label. htmlspecialchars($output, ENT_QUOTES). '</pre>';
		if ($echo) {
			echo($output);
			return null;
		}else
		return $output;
	}

	/**
	 * 获取安全的POST值
	 *
	 * @param array $postArray
	 * @return array
	 */
	public function getPOST($postArray){
		if(!is_array($postArray) || count($postArray)<=0) return array();
		$post = array();
		foreach($postArray as $key => $val){
			$post[$key] = yahoo_get_data(YIV_POST,$key);
		}
		//unset($_POST);
		return $post;
	}

	/**
	 * 获取安全的GET值
	 *
	 * @param array $getArray
	 * @return array
	 */
	public function getGET($getArray){
		if(!is_array($getArray) || count($getArray)<=0) return array();
		$get = array();
		foreach($getArray as $key => $val){
			$get[$key] = yahoo_get_data(YIV_GET,$key);
		}
		unset($_GET);
		return $get;
	}

	/**
	 * 获取安全的REQUEST值
	 *
	 * @param array $requestArray
	 * @return array
	 */
	public function getREQUEST($requestArray){
		if(!is_array($requestArray) || count($requestArray)<=0) return array();
		$request = array();
		foreach($requestArray as $key => $val){
			$request[$key] = yahoo_get_data(YIV_REQUEST,$key);
		}
		unset($_REQUEST);
		return $request;
	}

}
?>